[Nagiosplug-devel] Please can I have GIT access

Thomas Guyot-Sionnest dermoth at aei.ca
Fri Sep 4 16:43:10 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alain Williams wrote:
> On Fri, Sep 04, 2009 at 10:05:01AM -0400, Thomas Guyot-Sionnest wrote:
> 
>> The plugin can easily detect if the FH isn't open and throw an helpful
>> error. Moreover, I believe nagios should be told explicitly to store
>> data for a command.
> 
> Nooooo! This is an invitation to errors.
> What you are suggesting is that the plugin is to expect FD 3 to be open
> and use it to read/write data from (or was it FD 3 to read, FD 4 to write?).
> 
> The problem is that the plugin can't really tell what the FD is connected to.
> So: when[**] the plugin is invoked and FD 3 is open on something else that
> got inherited (some bug in the shell, login, sudo, ... left it open on /etc/passwd)
> and it just uses it .... you have a disaster.

Still that is a bug. And if a simple plugin end up clobbering
/etc/passwd (or anything similar), you have a way bigger issue because:
1. The FH should have been opened read-only unless for writing (in the
latter case is should have been closed promptly too).
2. The plugin shouldn't be running as root

> Also: I don't about you, but when playing with a new plugin I run it a few
> times by hand from the shell. It is much more difficult to have the
> FDs open as opposed to a --statefile=/xxxx option.

Have you seen my first example?

touch file; ./check_stuff 3<file 4>file.new; mv file.new file

And as I keep saying a wrapper program would be provided too.

- --
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqhJ34ACgkQ6dZ+Kt5BchatYgCcDShmQ1hwPGqbUko24fBiehn3
In8AoLYGjL/1AV+Szx/5YvIAfeBl8PhO
=hsWb
-----END PGP SIGNATURE-----




More information about the Devel mailing list